Prepaid credit instruments are generally well known. Prepaid, remote memory telephone cards are particularly prevalent in a variety of forms, including promotional brochures, wallet-sized cardboard and plastic cards, and the like.
A prepaid telephone card typically has printed thereon the information necessary to effect long distance telephone calls. In particular, a typical prepaid telephone card includes an access telephone number, for example an 800 number, used to access the prepaid calling system. The card also includes a unique authentication code or ID code which is used to access a particular account, which account is usually stored in a remote database resident at the prepaid calling card service provider. Finally, the card includes instructions for placing long distance calls, whether domestic or international.
Such prepaid cards are typically sold in predetermined denominations, for example $5, $10, $20, $50, and the like. Moreover, such cards are often sold at convenience stores and other retail outlets, much like lottery tickets are sold. That being the case, it would be prohibitively expensive for many retail shops, particularly low dollar volume merchants, to purchase a large number of cards from an issuer and maintain them in inventory until the cards are purchased at retail by consumers. To accommodate these merchants, issuers routinely provide merchants with batches of cards, but do not activate a particular card until the card is actually sold, at which time the merchant incurs a payment obligation to the issuer. This protects the merchant from having to pay in advance for a large number of cards which may not be sold for quite some time, or even not at all.
By placing these cards in the possession of the merchant prior to receipt of payment from the merchant, however, the issuer runs the risk of merchant fraud. For example, if a merchant is in possession of prepaid cards which the merchant has not paid for, it would be theoretically possible for the merchant to use the ID numbers on the cards or divulge these ID numbers to third parties and thereby defraud the issuer.
To protect the issuer from fraudulent activity by merchants or other persons in the distribution chain, many prepaid cards are packaged in an envelope which masks the ID code, or in a manner which otherwise obscures the ID code until such time as the card is purchased by a consumer; at the time of purchase, the card is "activated", for example by having the merchant dial up the issuer's host computer, indicating that the card has been purchased by a consumer and effecting activation of the card at the host computer.
For example, a popular method of distributing prepaid cards involves printing, among other things, a unique ID code on the face of a card, and placing the card in a sealed envelope at the issuer or manufacturer. A tracking number is printed on the outside of the sealed envelope. In some distribution schemes, the tracking number is cryptographically related to the ID code, with the issuer holding the cryptographic key. In this way, when the issuer is informed of the tracking number by the merchant at the time of sale of a card to a consumer, the issuer may derive the ID code corresponding to that card and activate the corresponding account. Alternatively, the tracking number and ID code may be related through a look up table or relational database maintained by the issuer's host computer.
Once a consumer has purchased a card from a merchant and the merchant facilitates activation of the card through communication with the card issuer, responsibility for theft or loss of the card typically is shifted to the consumer. For example, if the consumer loses his card or it is stolen, one might argue that the consumer could call the issuer and report the card as having been lost or stolen, and request the issuer to deactivate the account, thereby preventing fraud. While this is certainly true, the issuer would not be in a position to reissue a new number to the consumer or to otherwise provide credit to the consumer for the lost card. This is because the thief or finder of the lost card would also have access to the ID code, since the ID code is printed on the face of the card. Consequently, the thief or finder of the lost card could simply call the issuer and report the card as lost or stolen, relate the ID code to the issuer, and request a refund or a new ID code. Thus, replacement or reimbursement schemes predicated on the knowledge of the ID code printed on the face of the card are impractical.
It has also been suggested that the consumer could maintain a record of the tracking number associated with the card, inasmuch as the thief or finder of a card will have access to the ID code, but not to the tracking number. Thus, it might be argued, the consumer should be able to contact the issuer and report a card as lost or stolen, requesting credit or reimbursement based on the tracking number from which the issuer can derive or otherwise determine the ID code and/or account number. This approach, however, is also flawed inasmuch as it subjects the issuer to merchant fraud.
More particularly, the tracking number, being printed on the outside of the envelope within which the calling card is sealed prior to sale, is readily available to the merchant; indeed, the merchant must typically use the tracking number in order to activate the account for a particular card at the time the card is sold. Hence, reimbursement, credit, or replacement schemes predicated on knowledge of the tracking number are also impracticable.
A secure system for issuing prepaid telephone and other type instruments is thus needed which overcomes the limitations of the prior art, particularly as regards the issuer's ability to securely provide replacement, credit, or reimbursement in respect of lost or stolen cards.